LeakedIn Logo
Stories About Data Leaks and Related Stuff

Default Security Password

31 votedvote

Detected 3 occurrence(s) of ‘default (pass|passwd|password|secret)’:

Default host for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-host
mysqli.default_host=

; Default user for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-user
mysqli.default_user=

; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
; and reveal this password!  And of course, a

Source: http://pastebin.com/raw.php?i=xqvqSvV1

Simple PIN code

12 votedvote

Detected 1 occurrence(s) of ‘^\s*pin[code]*\s*(:|=|is|was)\s’:

).toString("base64")
            enc_none_ok : true
        },

        ELASTICSEARCH : {
            host: 'localhost:9200',
            log: 'trace'
        },

        HACK : {

            TEST_PHONE : {

                regex: /1555.*/,
                pin: "1111"

            }, 
            
          MAIL: {
            service: 'gmail',
            auth: {
                user: 'renu@vyulabs.com',
                pass: '56renuka78'
            }
        }
            
            
        }

Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*[“‘][a-z0-9\-_\!\$]+[“‘]’:

apple.ca0.pem'), yield FS.readFile('for_apple.ca1.pem')],
        //         pem_key_pass: 'b21eb5cf2ac2763940c1f382bc39777d82afc229'
        //     }
        // },

        CLICKATELL : {
            user : 'pveselov',
            api_id : 3505281,
            password : 'RNfHPeWHMOTYJb',
            from: '16179187351'
        },

        MONGO_URL : "mongodb://localhost:27017/test",

        REDIS : {
            host : 'localhost',
            port : 6379
        },

        TWITTER: {
            'com.vyulabs.live': {
   

Source: http://pastebin.com/raw.php?i=4U3WT0mc

URL with Credentials

3 votedvote

Detected 3 occurrence(s) of ‘[ht|f]tp[s]*:\/\/\w+\:.*\@\w*\.\w*’:

ngCamelContext.java:255)
	at org.apache.camel.spring.SpringCamelContext.onApplicationEvent(SpringCamelContext.java:121)
	... 13 more
Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve endpoint: master://SFTPIntegrationRouteLock:sftp://s449030:s449030@10.223.68.237/test_sftp_download/?move=success due to: Cannot auto create component: master
	at org.apache.camel.impl.DefaultCamelContext.getEndpoint(DefaultCamelContext.java:578)
	at org.apache.camel.util.CamelContextHelper.getMandatoryEndpoint(CamelContextHelp

Source: http://pastebin.com/raw.php?i=dQfvvcEF

Default Security Password

4 votedvote

Detected 3 occurrence(s) of ‘default (pass|passwd|password|secret)’:

Default host for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-host
mysqli.default_host=

; Default user for mysql_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-user
mysqli.default_user=

; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
; and reveal this password!  And of course, a

Source: http://pastebin.com/raw.php?i=ZCxdg7rD

Shellcode

5 votedvote

Detected 1 occurrence(s) of ‘shellcode’:

used to hide (Registry Keys)
Process is injected so no need to hide it & no files are dropped on Disk,the password grabber has it’s own rootkit to hide files of reports (grabbed data)
-Dynamic Loading of all API’s
-Support for multiple backup domains
-Shellcode mode (code is position independant)
-Doesn’t interfer with memory protection DEP/ASLR offering you high stability
-Using 2 viable injection method (1 into default browser,1 into explorer.exe)
-Ability to run without Admin priviliege
-40 kb size uncomp

Source: http://pastebin.com/raw.php?i=raNjzHcK